Add the user to predefined Ranger access policies
After assigning the EnvronmentUser role to the new user, you must add the user to the appropriate predefined Ranger access policies for NiFi and NiFi Registry. These policies determine what the user can command, control, and observe in a NiFi dataflow or in the NiFi Registry.
Each predefined Ranger access policy confers specific rights to NiFi or NiFi Registry resources. When an authenticated flow-management user attempts to view or modify a NiFi or NiFi Registry resource, the system checks whether the user is associated with the specific Ranger access policy that confers the privileges to perform that action.
For more information, see:
- Predefined Ranger access policies for NiFi resources
- Preefined Ranger access policies for NiFi Registry resources
From the base cluster with Ranger, click the Ranger
The Ranger Service Manager page appears.
Each cluster in the environment is listed under its respective service. For example, the NiFi clusters in the environment are listed under NiFi.
Select a cluster from either the NiFi or NiFi
The following image shows the list of predefined policies for NiFi:The List of Policies page appears.
Click the ID for a policy.
The following image shows the list of predefined policies for NiFi:The Edit Policy page appears.
- In the Allow Conditions section, add the user or the user group to the Select User field.
- Click Save.